CVE-2023-3541

Опубликовано: 07 июл. 2023

Источник: nvd

CVSS3: 3.5

CVSS3: 6.1

CVSS2: 4

EPSS Низкий

Описание

A vulnerability has been found in ThinuTech ThinuCMS 1.5 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /author_posts.php. The manipulation of the argument author with the input g6g12o8sdm leads to cross site scripting. The attack can be launched remotely. The identifier VDB-233293 was assigned to this vulnerability.

Ссылки

https://vuldb.com/?ctiid.233293
Third Party Advisory
https://vuldb.com/?id.233293
Third Party Advisory
https://vuldb.com/?ctiid.233293
Third Party Advisory
https://vuldb.com/?id.233293
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:thinutech:thinu-cms:1.5:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00078

Низкий

3.5 Low

CVSS3

6.1 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-g7qq-vw36-r576

CVSS3: 3.5

github

больше 2 лет назад

A vulnerability has been found in ThinuTech ThinuCMS 1.5 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /author_posts.php. The manipulation of the argument author with the input g6g12<script>alert(1)</script>o8sdm leads to cross site scripting. The attack can be launched remotely. The identifier VDB-233293 was assigned to this vulnerability.

EPSS

Процентиль: 23%

0.00078

Низкий

3.5 Low

CVSS3

6.1 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-79